Focus Mode
Info Data Leak

IT Giant Atos Responds to Ransomware Group’s Data Theft Claims

SecurityWeek

Summary: Atos, a French IT services giant, has denied any compromise of its systems despite claims by the ransomware group Space Bears that they have stolen data from the company. Atos confirmed that while some data mentioning the company may have been obtained, no sensitive information or proprietary data was exposed.

Threat Actor: Space Bears | Space Bears
Victim: Atos | Atos

Key Point :

  • Space Bears claimed to have obtained a “company database” from Atos.
  • Atos stated that no ransom demand has been received and no evidence of a breach was found.
  • The data mentioned by Space Bears is believed to be either public information or non-sensitive technical data.
  • This incident follows previous claims by other ransomware groups, including BlackBasta and Cl0p, regarding data breaches involving Atos.

French IT services giant Atos said its systems have not been compromised after a ransomware group claimed to have stolen data belonging to the company.

A cybercrime group named Space Bears listed Atos on its Tor-based leak website last week, claiming to have obtained a “company database”. 

Shortly after, Atos issued a statement saying that it had been investigating the data breach claims, but its initial analysis had shown “no evidence of any compromise or ransomware affecting any Atos/Eviden systems in any country, and no ransom demand has been received to-date”.

In an updated statement issued on Friday, Atos said the ransomware group’s allegations are “unfounded”, but it did confirm that the cybercriminals may have obtained some data pertaining to the company.

“No infrastructure managed by Atos was breached, no source code accessed, and no Atos IP or Atos proprietary data exposed,” Atos said.

It added, “Atos understands that external third-party infrastructure, unconnected to Atos, has been compromised by the group Space Bears. This infrastructure contained data mentioning the Atos company name, but is not managed nor secured by Atos.”

The exact origin of the data obtained by Space Bears remains unclear, but Atos told SecurityWeek that the data mentioning Atos is either public information or technical data containing no sensitive information.

Based on its website, the Space Bears group has been around since at least the spring of 2024. Its site currently lists over 40 victims. The hackers are threatening to leak the stolen Atos data in less than two days. 

Advertisement. Scroll to continue reading.

This is not the first time Atos has been mentioned on a ransomware group’s website. The notorious gang BlackBasta listed Atos on its leak site in July 2024, claiming to have stolen 710 Gb of data, including personal information and confidential corporate files. Atos does not appear to have addressed those claims. 

In 2023, Atos confirmed that the Cl0p ransomware group stole some data from a backup folder associated with a company it had acquired after exploiting a zero-day vulnerability in GoAnywhere MFT software. The GoAnywhere campaign had hit several major organizations.

Related: New York Hospital Says Ransomware Attack Data Breach Impacts 670,000

Related: Cisco Confirms Authenticity of Data After Second Leak

Related: Rhode Islanders’ Data Was Leaked From a Cyberattack on State Health Benefits Website

Related: American Addiction Centers Data Breach Impacts 422,000 People

Source:
https://www.securityweek.com/it-giant-atos-responds-to-ransomware-groups-data-theft-claims/

Tags: VULNERABILITY, BACKUP, LEAK, HOSPITAL, ZERO-DAY